Hello Boys and girls, I got my c2 delivered today, but I changed the pin code to a code which I dont remember. And I am trying for hours to reset the os to default. But i am too stupid for it.
Can someone explain me for dummies how to get into recovery mode and flash the os again.
Please Please Please help me, I have my phone since 6 hours but i am not able to use it.
There is no recovery or reflesh in C2 yet.
Sorry, no idea how to help you. Not sure itâs even possible without recovery or reflesh.
Good luck remembering or any other fast solution.
thats a joke? I just forgott the pin code and to be honest i am not sure if sailfish changed the code by hisself. Is there really no solution?. I am stuck with a 320 euro smartphone because of fucking pin code⌠That cannot bee. There has to be a wayâŚ
The âforgot pinâ is also a use case by a thief to access your data, you wouldnât want thieves to be able to just decrypt your personal data, you can probably contact jolla via zendesk and send it to them to reflash it for you and send back over (for devices with unlocked bootloader and recovery partition in place you could try bruteforcing, but C2 as of now is secure from that)
I am so sad, I waited so long for this phone and then there is not even a wa to reset the phone, thats so sad and i am dissapointed. for now on I look for bruteforce tools to unlock my phone, maybe im lucky
Sure, such a scenario could be used by thieves, however, developers should always consider some users just sometimes forget things
It seems the problem started with original Jolla Phone, as there was no real solution for forgotten password, except sending a phone to Finland for recovery
I wonder if this (un-reflashability by enduser) shouldnât be kept as an option and a feature, forgetting your pin is pretty rare, and that makes the phone a really bad target for common thieves, not that a pickpocket would know about it to make his target decisions, but knowing your specific IMEI etc identifiable device cannot be just reflashed by anyone, offer a 5$/year service where they will contact you first to confirm the actual owner is trying to bring it back to life, otherwise itâs just a paperweight (would 5$ cover having to track ownership when one wants to sell, the year license is already tied to jolla account, so should be in a way already covered)
My english is not the best⌠What exactly want you to tell me ? That I can flash my device again for 5euros? Or did i missonderstood something? When I understood this wrong, there is a way to get my fresh flashed phone without sending it backj to finnland� Can you send me a link or something that I can use this for me? Kind regards
Stefan
Ha Ha HA you are such a funny guy. I used the pin code which Ive used at my old phone. It is nearly impossible that my code is wrong, i think here is it the fault of jolla
No, you can only contact jolla to arrange reflashing currently, but one could see this as a feature, thieves can just reflash any iphone/android phone and sell it, a thief with a stolen C2 creating a zendesk ticket seems absurdly unlikely though, extra service (which does not exist currently) to keep C2 in that state might be interesting for some, so you could productize this feature (of a lack of feature, itâs a feature not a bug), would just need a DB of IMEI and buy orders/contact information, one table in aleady existing dbs (not even that, just one extra column with boolean)
Edit: thief sends the device for reflashing, they contact owner who never agreed for remote reflashing and he happens to remember the pin too, wow, what a coincidence :), you can get your device back with all its data even
Thank you for your answer, where exctly can I write the jolla team? Kind regards. Hopefully they can offer me a solution without sending the device back
For broad masses forgetting a password is very common, but I agree with your concerns. I think the best solution would be an optional recovery password (something like this), off by default, that a âproâ user could set in terminal or UI.
While for an average user there should be just a âreset to factory settingsâ option in UI, nothing beats that
to be clear, you WANT to be firmware-locked out of your own device, at the whim of a company that might not exist tomorrow, and can charge you however much they want just so you can access your own device?
denying users the freedom to install whatever OS they want on a computer they have already purchased should be illegal.
if you want actual security of your data, to prevent thieves from easily taking it, jolla could offer this in the form of an actually secure encryption key (e.g.: a 15-char password that you must type at boot). you lose that password, the data is not recoverable, but you can still reflash the operating system. you can already report IMEIs stolen.
Yeah, if they offer a special service where they contact you as the original buyer on your original email (or give you a way to update it if you so wish) from original purchase to confirm that it is you who sent them the âforgotten pinâ phone, why not, donât sign up to it, expect your phone to be reflashed by a thief or random finder, if itâs opt in (and paid on top) whatâs wrong with that? People pay more for vpn per month to be secure from internet thieves lol
for a paid subscription service that jolla promises to reflash it for you
thereâs nothing wrong with #2, except that itâs strange to want to pay money for it, but you could accomplish #1 with an optional firmware locking password, like what Bohdan is suggesting. then it would actually be opt-in.
i donât understand what you want this for, except to spite thieves. it wont prevent the theft, and if what youâre worried about is your data, then you can just use that cryptographically secure password for data encryption instead of firmware lockingâŚ
If there is no recovery then you have to use specialist tools, not just usb cable and crack/hack.exe, this isnât latest galaxy phone selling millions, so the 2 thieves with this phone have exactly 0 reason to pool their resources to pay some russian hacker to unlock them so they can resell their stolen stock, being niche is an extra layer of security, having people opt-in for 2fa validation on factory reset of their hw-id connected to original purchase costs jolla literally as much as a phone call or sending an email, people pay way much more for more ridiculous âsecurityâ measures. If itâs opt-in again I cannot see whatâs wrong with that. Theyâre not selling millions of devices where it is problematic as you have thousands of real people forgetting pins, you sell 1k, you get 1 guy with bad memory, and maybe few dozens who would like a feature like that, itâs already in place you know by accident
i think maybe you misunderstand me. let me try to explain myself better:
none of the current or proposed features prevent the physical theft of the phone
none of the current or proposed features help you recover a stolen phone
protecting your sensitive data is VERY important
NOW, the C2 currently prevents casual thieves from getting your data, but it wont for long. either jolla will release recovery mode, or someone will figure out how to read the encrypted partition and then break the weakly encrypted LUKS
BUT this could instead be easily accomplished with an opt-in stronger encryption key, typed at device boot
your proposed feature buys you, the enduser, nothing beyond what strong encryption would. the most it can do is maybe prevent the thief from benefitting from having stolen it (so maybe they will steal another to make up for the lost sale?).
meanwhile, the cost of your proposed feature is denying everyone the right to install whatever OS they choose, regardless of pin lockouts or encryption.
How can i reflash the system, can you provide me a link to a tutorial video?
I really need help and I actually feel bad because i locked me out of y phoe. I apprciate every form of help. Kind regards Stefan
sorry my friend, as far as i know, you cannot. even if jolla releases the recovery mode tomorrow, you will be unable to use it because you wont be able to upgrade. (every other sailfish device except the C2 is user-reflashable, and i personally find it offensive that the C2 is not).
on the bright side, jolla will very likely reflash it for you if you send it back.